刚开始使用PHP,我有这个代码和一个导致这个文件的锚标记
// logout.php
<?php
session_start();
session_destroy();
header('Location: [redirecting link]');
exit();
?>
这是否可以,或者可能有一些角落的情况这样做?比如,如果我使用这个代码,恶意用户将无法做任何坏事,对吧?
答案 0 :(得分:1)
解释为什么这会将用户退出会话:
<?php
//this continues the session, or if the user doesn't have a session, will create one.
session_start();
//destroy their session, they are now "logged out"
session_destroy();
//this line redirects to a new page, such as the home page, but isn't doing anything to terminate the session.
header('Location:'.$config['baseurl']);
//terminate the script
exit();
?>